CVE-2017-6954

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-6954

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6954.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-6954

Aliases

GHSA-9wf6-88x4-6xvj

Published

2017-03-17T09:59:00.147Z

Modified

2026-04-10T04:02:43.495549Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions.

References

Affected packages

Git / github.com/boonebgorges/buddypress-docs

Affected ranges

Type: GIT
Repo: https://github.com/boonebgorges/buddypress-docs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

75293ed4e5f31f04e54689bfe2c647e3e3f5e1a9

Type

GIT

Repo

https://github.com/buddypress/buddypress

Events

Introduced

Last affected

702f9306a6ce1226d1fb7e73cf8257d12f2608e6

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.9.2"
        }
    ]
}

Affected versions

1.*

1.0.3

1.0.5

1.0.6

1.0.7

1.1

1.1.1

1.1.10

1.1.11

1.1.12

1.1.13

1.1.14

1.1.15

1.1.16

1.1.17

1.1.18

1.1.19

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.2

1.2.1

1.2.10

1.2.2

1.2.3

1.2.4

1.2.8

1.2.9

1.3

1.4

1.4.1

1.4.2

1.4.3

1.4.5

1.5

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.7.0

1.9.1

1.9.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6954.json"